Cross-Domain in SignalR – ASP.NET SignalR

在SignalR 2.x 中实现跨域过程中出现过以下情况:

连接请求中的 Access-Control-Allow-Origin 被拒绝, 要求使用Access-Control-Allow-Credentials,

设置Access-Control-Allow-Origin 为通配符"*"以后, 提示credentials flag为true, 通配符无效, 等等诸如此类的问题.

 

该文章内容为在SignalR 2.x中实现跨域, 1.x版本不作考虑.

相关内容参见SignalR官方文档: this

 

说明

在SignalR 2.x中使用了OWIN中间件, 文档中指出:

If JSONP is required on the client (to support cross-domain requests in older browsers), it will need to be enabled explicitly by settingEnableJSONP on the HubConfiguration object to true, as shown below. JSONP is disabled by default, as it is less secure than CORS.

这段话的意思是: 如果想要在较旧的浏览器中支持跨域请求, 需要在HubConfiguration启用设置EnableJSONP为true, 默认情况下是禁用的.

所以不管何种情况, EnableJSONP直接设为true就可以了.

 

接下来就是比较重要的一段话, 为实现跨域在国内外网站上找了半天, 都是关于1.x的实现, 而在2.x中EnableCrossDomain已经过时了.

The following code demonstrates how to enable CORS or JSONP in a SignalR 2 project. This code sample uses Map and RunSignalR instead ofMapSignalR, so that the CORS middleware runs only for the SignalR requests that require CORS support (rather than for all traffic at the path specified in MapSignalR.) Map can also be used for any other middleware that needs to run for a specific URL prefix, rather than for the entire application.

加粗的文字是这句话中的重点, 使用Map & RunSignalR代替MapSignalR方法.

 

实现

packages:

项目中引用的package有以下, 其中为实现跨域, 需要Microsoft.Owin.Cors这个包.

<?xml version="1.0" encoding="utf-8"?> <packages> <package id="Autofac" version="3.5.0" targetFramework="net45" /> <package id="Autofac.Mvc5" version="3.3.4" targetFramework="net45" /> <package id="Autofac.Owin" version="4.0.0" targetFramework="net45" /> <package id="Autofac.SignalR" version="3.0.2" targetFramework="net45" /> <package id="jQuery" version="1.10.2" targetFramework="net45" /> <package id="Microsoft.AspNet.SignalR" version="2.1.2" targetFramework="net45" /> <package id="Microsoft.AspNet.SignalR.Core" version="2.1.2" targetFramework="net45" /> <package id="Microsoft.AspNet.SignalR.JS" version="2.1.2" targetFramework="net45" /> <package id="Microsoft.AspNet.SignalR.SystemWeb" version="2.1.2" targetFramework="net45" /> <package id="Microsoft.Owin" version="3.0.1" targetFramework="net45" /> <package id="Microsoft.Owin.Cors" version="3.0.1" targetFramework="net45" /> <package id="Microsoft.Owin.Host.SystemWeb" version="3.0.1" targetFramework="net45" /> <package id="Microsoft.Owin.Security" version="3.0.1" targetFramework="net45" /> <package id="Newtonsoft.Json" version="7.0.1" targetFramework="net45" /> <package id="Owin" version="1.0" targetFramework="net45" /> </packages>

 

在这里使用的依赖注入容器是Autofac, 如果未使用DI包, 不设置即可. /* your DI container */替换为依赖注入的Container, autofac是IContainer的实例.

 

startup.cs

public class Startup { public void Configuration(IAppBuilder app) { // Get your HubConfiguration. In OWIN, you'll create one // rather than using GlobalHost. var config = new

 HubConfiguration
            {
                // support jsonp in old browsers

EnableJSONP = true, EnableDetailedErrors = true,

                // user dependency injection

Resolver = new Autofac.Integration.SignalR.AutofacDependencyResolver( /* your DI container */), }; // Register the Autofac middleware FIRST, then the standard SignalR middleware. app.UseAutofacMiddleware(/* your DI container */); //app.MapSignalR("/signalr", config); app.Map("/signalr", map =>

            {
                map.UseCors(CorsOptions.AllowAll);

                map.RunSignalR(config);
            });
        }
    }